import {
BadRequestException,
Body,
Controller,
Get,
Post,
Request,
ValidationPipe
} from '@nestjs/common';
import { AuthService } from 'services/auth';
import { Requests, Responses, UserRole } from 'dto';
import { Role } from 'authguards';
import { InjectRepository } from '@nestjs/typeorm';
import { tfaTypes, User } from 'entities';
import { Repository } from 'typeorm';
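/**
 * Administrative user-management endpoints, mounted under `api/admin`.
 *
 * Every route carries `@Role(UserRole.ADMIN)`. The actual enforcement is done
 * by the `Role` decorator imported from `authguards`, which is not part of this
 * file, so a new route added here without that decorator would not be covered
 * by anything visible in this class.
 *
 * NOTE(review): the mutating routes receive the request object but never read
 * it. As written, nothing here stops an administrator from targeting their own
 * account (demotion, deletion, 2FA removal), and nothing records which
 * administrator performed the action. Presumably the authenticated principal
 * is attached to the request by the guard; confirm, then consider a
 * self-target check and an audit log entry per mutation.
 *
 * NOTE(review): bodies are validated with `new ValidationPipe()` using default
 * options. That only has an effect if the DTO classes in `dto` carry
 * class-validator decorators (not visible here); `whitelist: true` /
 * `forbidNonWhitelisted: true` are worth considering so that unexpected
 * properties are rejected. Verify against the DTO definitions first.
 */
@Controller('api/admin')
export default class AdminController {
  constructor(
    @InjectRepository(User)
    private readonly userRepo: Repository<User>,
    private readonly authService: AuthService
  ) {}

  /**
   * Lists every user known to the repository.
   *
   * Each entry is built field by field (id, GitLab flag, name, role and
   * whether 2FA is required), so no other column of the `User` entity is
   * copied into the response.
   *
   * @returns a `GetUsers` response wrapping one entry per stored user
   */
  @Role(UserRole.ADMIN)
  @Get('users')
  async getUsers(): Promise<Responses.Admin.GetUsers> {
    const users = await this.userRepo.find();
    const entries = users.map(
      (user) =>
        new Responses.Admin.GetUsersEntry(
          user.id,
          user.isGitlabUser,
          user.name,
          user.role,
          this.authService.requiresTfa(user)
        )
    );
    return new Responses.Admin.GetUsers(entries);
  }

  /**
   * Changes the role of the user named in the request body.
   *
   * @param req incoming request; currently unused
   * @param data validated body carrying the target user reference and new role
   * @throws BadRequestException when the target user cannot be resolved
   */
  @Role(UserRole.ADMIN)
  @Post('set_role')
  async setRole(
    @Request() req,
    @Body(new ValidationPipe()) data: Requests.Admin.SetUserRole
  ): Promise<Responses.Admin.SetUserRole> {
    const target = await this.findTargetUser(data.user);
    await this.authService.setUserRole(target, data.role);
    return new Responses.Admin.SetUserRole();
  }

  /**
   * Calls `authService.revokeAll` for the user named in the request body.
   *
   * @param req incoming request; currently unused
   * @param data validated body carrying the target user reference
   * @throws BadRequestException when the target user cannot be resolved
   */
  @Role(UserRole.ADMIN)
  @Post('logout')
  async logout(
    @Request() req,
    @Body(new ValidationPipe()) data: Requests.Admin.LogoutAll
  ): Promise<Responses.Admin.LogoutAllUser> {
    const target = await this.findTargetUser(data.user);
    await this.authService.revokeAll(target);
    return new Responses.Admin.LogoutAllUser();
  }

  /**
   * Deletes the user named in the request body.
   *
   * @param req incoming request; currently unused
   * @param data validated body carrying the target user reference
   * @throws BadRequestException when the target user cannot be resolved
   */
  @Role(UserRole.ADMIN)
  @Post('delete')
  async delete(
    @Request() req,
    @Body(new ValidationPipe()) data: Requests.Admin.DeleteUser
  ): Promise<Responses.Admin.DeleteUser> {
    const target = await this.findTargetUser(data.user);
    await this.authService.deleteUser(target);
    return new Responses.Admin.DeleteUser();
  }

  /**
   * Sets the 2FA type of the user named in the request body to `tfaTypes.NONE`.
   *
   * @param req incoming request; currently unused
   * @param data validated body carrying the target user reference
   * @throws BadRequestException when the target user cannot be resolved
   */
  @Role(UserRole.ADMIN)
  @Post('disable_2fa')
  async disableTfa(
    @Request() req,
    @Body(new ValidationPipe()) data: Requests.Admin.DisableTfa
  ): Promise<Responses.Admin.DisableTfa> {
    const target = await this.findTargetUser(data.user);
    await this.authService.setTfaType(target, tfaTypes.NONE);
    return new Responses.Admin.DisableTfa();
  }

  /**
   * Resolves the account a mutating admin request refers to.
   *
   * Shared by all mutating routes so the lookup and its failure mode stay
   * identical: a falsy result from `authService.getUser` becomes a 400 with
   * the message `Invalid user`.
   *
   * @param userRef whatever `authService.getUser` accepts as its first argument
   * @throws BadRequestException when no user is found
   */
  private async findTargetUser(
    userRef: Parameters<AuthService['getUser']>[0]
  ) {
    const user = await this.authService.getUser(userRef);
    if (!user) throw new BadRequestException('Invalid user');
    return user;
  }
}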